Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

nvd логотип

CVE-2024-47489

Опубликовано: 11 окт. 2024
Источник: nvd
CVSS3: 5.8
EPSS Низкий

Описание

An Improper Handling of Exceptional Conditions vulnerability in the Packet Forwarding Engine (pfe) of the Juniper Networks Junos OS Evolved on ACX Series devices allows an unauthenticated, network based attacker sending specific transit protocol traffic to cause a partial Denial of Service (DoS) to downstream devices.

Receipt of specific transit protocol packets is incorrectly processed by the Routing Engine (RE), filling up the DDoS protection queue which is shared between routing protocols. This influx of transit protocol packets causes DDoS protection violations, resulting in protocol flaps which can affect connectivity to networking devices.

This issue affects both IPv4 and IPv6. This issue does not require any specific routing protocol to be configured or enabled.

The following commands can be used to monitor the DDoS protection queue:

       labuser@re0> show evo-pfemand host pkt-stats

    labuser@re0> show host-path ddos all-policers

This issue affects Junos OS

Ссылки

EPSS

Процентиль: 23%
0.00073
Низкий

5.8 Medium

CVSS3

Дефекты

CWE-755

Связанные уязвимости

github логотип

GHSA-3x4w-v43m-f5m7

CVSS3: 5.8
github
больше 1 года назад

An Improper Handling of Exceptional Conditions vulnerability in the Packet Forwarding Engine (pfe) of the Juniper Networks Junos OS Evolved on ACX Series devices allows an unauthenticated, network based attacker sending specific transit protocol traffic to cause a partial Denial of Service (DoS) to downstream devices. Receipt of specific transit protocol packets is incorrectly processed by the Routing Engine (RE), filling up the DDoS protection queue which is shared between routing protocols. This influx of transit protocol packets causes DDoS protection violations, resulting in protocol flaps which can affect connectivity to networking devices. This issue affects both IPv4 and IPv6. This issue does not require any specific routing protocol to be configured or enabled. The following commands can be used to monitor the DDoS protection queue:        labuser@re0> show evo-pfemand host pkt-stats     labuser@re0> show host-path ddos all-policers This issue affects Junos ...

fstec логотип

BDU:2024-08467

CVSS3: 5.8
fstec
больше 1 года назад

Уязвимость модуля Packet Forwarding Engine (PFE) операционной системы Junos OS Evolved, позволяющая нарушителю вызвать отказ в обслуживании

EPSS

Процентиль: 23%
0.00073
Низкий

5.8 Medium

CVSS3

Дефекты

CWE-755